This is one of the myths out in the public domain at the monent, and used by those who don’t support MyHealth as one of the reasons to opt-out.
@TheBBG post above had a link to some of the debunked myths…
It is also importsnt to note that medical records are not something new. They are currently currently scattered around Australia/held by various parties including medical practitioners, medical test companies, hospitals, insurance companies, medicare/government etc. If one is worried about insurance companies accessing ones data, there has been the same opportunity in the past. Evidence shows that such has not been done and the MyHealth systems restricts who is authorised to access patient data… .insurance companies can’t.
It is also worth noting the one of the security of the records includes:
The Agency’s Cyber Security Centre continually monitors the system for evidence of unauthorised access. This includes utilising specialist security real-time monitoring tools that are configured and tuned to automatically detect events of interest or notable events. Examples of this include:
- Overseas access by Consumers and Healthcare Providers
- Multiple failed logins from the same computer
- Multiple logins within a short period of time
- Logins to the same record from multiple computers at the same time
- High transaction rate for a given Healthcare Provider
- Certain instances of after business hours access and all instances of emergency access.
It is a good initiative that they monitoring overseas IPs…however, it possibly would be better to completely block them as overseas IPs will possibly be the main source of most hackers.
It should also be only Australians and their medical services who should need access…which should be based in Australia. The only exceptions would be travelling Australians who may be in difficultly and wish to share their medical history…but this is possibly an likely scenario OR medical services companies that run their servers overseas. Restricting IPs to only Australia would force these companies to have local services to manage data/access which may not be a bad thing to so anyway.